Sergey,
Using @Context SecurityContext sc didn't work:
Caused by: com.sun.xml.bind.v2.runtime.IllegalAnnotationsException: 2
counts of IllegalAnnotationExceptions
org.apache.cxf.security.SecurityContext is an interface, and JAXB can't
handle interfaces.
this problem is related to the following location:
at org.apache.cxf.security.SecurityContext
at private org.apache.cxf.security.SecurityContext
com.db.websso.integration.services.jaxws_asm.GetApplicationConfiguration.arg1
at
com.db.websso.integration.services.jaxws_asm.GetApplicationConfiguration
org.apache.cxf.security.SecurityContext does not have a no-arg default
constructor.
this problem is related to the following location:
at org.apache.cxf.security.SecurityContext
at private org.apache.cxf.security.SecurityContext
com.db.websso.integration.services.jaxws_asm.GetApplicationConfiguration.arg1
at
com.db.websso.integration.services.jaxws_asm.GetApplicationConfiguration
And the SecurityContextImpl didn't work either:
Caused by: com.sun.xml.bind.v2.runtime.IllegalAnnotationsException: 1
counts of IllegalAnnotationExceptions
org.apache.cxf.jaxrs.provider.SecurityContextImpl does not have a no-arg
default constructor.
this problem is related to the following location:
at org.apache.cxf.jaxrs.provider.SecurityContextImpl
at private org.apache.cxf.jaxrs.provider.SecurityContextImpl
com.db.websso.integration.services.jaxws_asm.GetApplicationConfiguration.arg1
at
com.db.websso.integration.services.jaxws_asm.GetApplicationConfiguration
Any thoughts?
John Baker
--
Web SSO
IT Infrastructure
Deutsche Bank London
URL: http://websso.cto.gt.intranet.db.com
"Sergey Beryozkin" <[EMAIL PROTECTED]>
17/06/2008 16:04
Please respond to
[email protected]
To
<[email protected]>
cc
Subject
Re: Roles and permissions
Hi John
Try
@Context SecurityContext sc
as a parameter in your method
and then sc.isUsertInRole()...
The other option is to experiment with Acegi (Spring Security), as far as
applying permissions to individual methods - I haven't
tried myself. I think JAX-RS will support some explicit EE security
annotations too at some time
Cheers, Sergey
> Hello,
>
> Is there any way to use annotations to apply roles to methods in a
> Webservice or REST call? I'd like to be able to configure an
application
> to let users within one group access a set of methods that another set
of
> users can not access.
>
> Is there a way to get the HttpRequest object from a method?
>
> Thanks,
>
>
> John Baker
> --
> Web SSO
> IT Infrastructure
> Deutsche Bank London
>
> URL: http://websso.cto.gt.intranet.db.com
>
>
> ---
>
> This e-mail may contain confidential and/or privileged information. If
you are not the intended recipient (or have received this
> e-mail in error) please notify the sender immediately and delete this
e-mail. Any unauthorized copying, disclosure or distribution
> of the material in this e-mail is strictly forbidden.
>
> Please refer to http://www.db.com/en/content/eu_disclosures.htm for
additional EU corporate and regulatory disclosures.
----------------------------
IONA Technologies PLC (registered in Ireland)
Registered Number: 171387
Registered Address: The IONA Building, Shelbourne Road, Dublin 4, Ireland
---
This e-mail may contain confidential and/or privileged information. If you are
not the intended recipient (or have received this e-mail in error) please
notify the sender immediately and delete this e-mail. Any unauthorized copying,
disclosure or distribution of the material in this e-mail is strictly forbidden.
Please refer to http://www.db.com/en/content/eu_disclosures.htm for additional
EU corporate and regulatory disclosures.
